It is well-known that attacks are often launched against items of software. The attacker may wish to obtain secret information contained within the item of software (such as a cryptographic key), with the aim of misusing that secret information (for example by distributing the cryptographic key to other people/systems so that those people/systems can use the cryptographic key in an unauthorized manner). Similarly, the attacker may wish to modify the execution flow of an item of software. For example, the item of software may have a decision point that checks whether a user of the item of software has certain permissions or access rights—if the user has those permissions or access rights then the item of software may grant the user access to certain functionality or data, otherwise such access is denied. The attacker may wish to try to modify the execution of the item of software at this decision point so that, even if the user does not have the permissions or access rights, the item of software still grants the user access to that certain functionality or data.
There are numerous well-known software protection techniques that can be applied to an initial item of software in order to generate a protected item of software, with the aim of making it impossible (or at least sufficiently difficult) for an attacker to be successful in his attacks.